package com.util;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.junit.Test;


public class ShiroBase {
    @Test
    //认证处理
    public void testShiroFirst(){
        //根据ini初始化文件创建SecurityManager工厂
        IniSecurityManagerFactory factory = new IniSecurityManagerFactory("classpath:shiro-first.ini");
        //生成安全管理器，创建securityManager实例
        SecurityManager securityManager = factory.createInstance();
        //使用shiro提供的工具装配安全管理器
        SecurityUtils.setSecurityManager(securityManager);
        //获取shiro访问的主体对象
        Subject subject = SecurityUtils.getSubject();
        //模拟用户登录操作创建访问主体的令牌
        AuthenticationToken token = new UsernamePasswordToken("zs", "1234");
        try{
            subject.login(token);
        }catch (IncorrectCredentialsException icex){
            System.out.println("用户口令错误！！！");
        }catch (UnknownAccountException uaEx){
            System.out.println("用户名错误！！！");
        }catch (AuthenticationException aex){
            System.out.println("用户认证失败！！！");
        }
        if (subject.isAuthenticated()){
            System.out.println("用户登录成功！！！");
        }
    }

    @Test
    //加入权限
    public void testShiroPerms(){
        IniSecurityManagerFactory factory = new IniSecurityManagerFactory("classpath:shiro-first.ini");
        SecurityManager securityManager = factory.createInstance();
        SecurityUtils.setSecurityManager(securityManager);
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken("ls","1234");
        try{
            subject.login(token);
        }catch (AuthenticationException aex){
            System.out.println("用户认证错误，登录失败！！！");
        }
        if(subject.isAuthenticated()){
            System.out.println("用户登录成功！！！");
            if(subject.isPermitted("stu:select")){
                System.out.println("用户有查询权限stu:select");
            }else{
                System.out.println("无权访问stu:select！！！");
            }
            String[] perms = {
                    "stu:select","stu:delete"};
            boolean[] permitted = subject.isPermitted(perms);//我们需要判断的权限
            if (permitted[1]){
                System.out.println("用户有权访问stu:delete");
            }
            if(!subject.isPermittedAll(perms)){
                System.out.println("用户无权访问！！！");
            }
            if (subject.hasRole("role1")){
                System.out.println("kaka有role1角色");
            }
            if (subject.hasRole("role2")){
                System.out.println("kaka有role2角色");
            }
            if (subject.hasRole("role3")){
                System.out.println("kaka有role3角色");
            }
        }
    }


    @Test
    //自定义安全策略的shiro
    public void testShiroRealm(){
        IniSecurityManagerFactory factory = new IniSecurityManagerFactory("classpath:shiro-realm.ini");
        SecurityManager securityManager = factory.createInstance();
        SecurityUtils.setSecurityManager(securityManager);
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken("zs", "1234");
        try{
            subject.login(token);
        }catch (UnknownAccountException uaex){
            System.out.println("账户名不存在！！！");
        }catch (IncorrectCredentialsException ice){
            System.out.println("凭证错误！！！");
        }catch (AuthenticationException ae){
            System.out.println("认证失败！！！");
        }
        if(subject.isAuthenticated()){
            System.out.println("用户登录成功！！！");
        }else{
            System.out.println("用户登录失败！！！");
        }
        if(subject.isPermittedAll("stu:select")){
            System.out.println("kaka用户有权访问stu:select");
        }else{
            System.out.println("kaka用户无权访问stu:select");
        }
    }

    @Test
    public void testMd5(){
        String pwd = "1234";
        String salt = "kaka";
        Md5Hash md5Hash1 = new Md5Hash(pwd);
        String md5Str1 = md5Hash1.toString();
        System.out.println("md5加密：" + md5Str1);
        Md5Hash md5Hash2 = new Md5Hash(pwd, salt, 1);
        String md5Str2 = md5Hash2.toString();
        System.out.println("加盐："+md5Str2);
        Md5Hash md5Hash3 = new Md5Hash(pwd, salt, 1024);
        String md5Str3 = md5Hash3.toString();
        System.out.println("多次加盐："+md5Str3);
    }

    @Test
    //自定义安全策略的shiro加密钥
    public void testShiroMd5(){
        IniSecurityManagerFactory factory = new IniSecurityManagerFactory("classpath:shiro-md5.ini");
        SecurityManager securityManager = factory.createInstance();
        SecurityUtils.setSecurityManager(securityManager);
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken("kaka", "1234");
        try{
            subject.login(token);
        }catch (UnknownAccountException uaex){
            System.out.println("账户名不存在！！！");
        }catch (IncorrectCredentialsException ice){
            System.out.println("凭证错误！！！");
        }catch (AuthenticationException ae){
            System.out.println("认证失败！！！");
        }
        if(subject.isAuthenticated()){
            System.out.println("用户登录成功！！！");
        }else{
            System.out.println("用户登录失败！！！");
        }
    }

}